Public computer networks, such as the Internet, are increasingly being used to conduct confidential communications. In order to keep such communications secure, one must prevent unauthorized access to confidential data, maintain the integrity of the communications and data, and authenticate the origin of data that has been received.
A variety of encryption systems have been developed to address these needs. Different encryption systems offer different degrees of security. In conventional encryption systems, the recipient of the message generally has some knowledge related to an original and secure key used to encrypt the message. This constitutes a major limitation on the degree of security current systems can provide.
For example, most conventional encryption systems, such as PGP (Pretty Good Privacy), use a mathematical relationship that ties both private and public keys together, thereby creating a temporary "working key" that is identical on each end of the transmission. This mathematical relationship is based upon the product of two very large prime numbers of the form (2^n)-1. Once this product is known, the secure key can then be determined and the entire system is jeopardized.
Another problem with conventional systems is the fact that the sender and recipient must typically exchange a "session key" before the sender may engage in secure communications with the recipient. For example, the sender may need first to give out its public key to the recipient and wait to receive a "session key" from the target recipient before the sender can finally send out its message. The "session key" returned to the sender may be a function of the sender's public key, intermixed with the recipient's private key. The substantial delay resulting from the need to create and communicate "session keys" between the sender and recipient before any communications can occur reduces the efficiency of the communications system.
Moreover, if the session key is a function of the sender's public key and the recipient's private key, those keys must remain static in order to continue using the prior-negotiated session keys. If either key is changed, the sender and recipient must renegotiate the exchange of session keys, thereby further reducing the efficiency of the system.
Finally, traditional encryption systems are inefficient in sending the same message to multiple parties. A single sender must encrypt the same message differently for each targeted recipient and transmit each encrypted message separately.
The need for increased security is becoming more acute as communications and data transmitted across unsecured media such as the Internet become more sensitive and valuable. Moreover, the increasing volume and sophistication of transmissions have created a need for a more efficient encryption system.
Accordingly, there is a need for an encryption system which reduces disadvantages associated with conventional encryption systems.